fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
153 commits 1 branch 0 tags 304 KiB
Commit graph

153 commits

This branch
This branch
All branches
Author SHA1 Message Date
yuri 89324863a0 Use postgresql service from unstable 2023-11-25 21:31:41 +01:00
yuri 0b499b905f Update element-web to 1.11.50 2023-11-25 21:31:08 +01:00
yuri c5e743ae1c Fix http acme challange for status.nekover.se 2023-11-25 21:29:55 +01:00
yuri b8bb88a14b flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9ba29e2346bc542e9909d1021e8fd7d4b3f64db0' (2023-11-23)
  → 'github:NixOS/nixpkgs/cbd3f3722ac41a200c1655141e021cf12c3ba4e6' (2023-11-24)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
  → 'github:NixOS/nixpkgs/1b99d72c8b7468def0c633635c469bf828db33a0' (2023-11-24)
 2023-11-25 20:55:08 +01:00
yuri 74d3a23685 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/d7afe436f89670fb74eb0dcff2496f0ec530be48' (2023-11-16)
  → 'github:NixOS/nixpkgs/9ba29e2346bc542e9909d1021e8fd7d4b3f64db0' (2023-11-23)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/7bea27b7ef1c23c7433e52327d81a01702d34272' (2023-11-16)
  → 'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
 2023-11-23 18:45:34 +01:00
yuri 6449ce17d4 Update mastodon to v4.2.1 2023-11-20 23:16:20 +01:00
yuri 622701a344 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
  → 'github:NixOS/nixpkgs/d7afe436f89670fb74eb0dcff2496f0ec530be48' (2023-11-16)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/9008bc4eb62c878d0812105ea1b34255d651df88' (2023-11-15)
  → 'github:NixOS/nixpkgs/7bea27b7ef1c23c7433e52327d81a01702d34272' (2023-11-16)
 2023-11-17 21:02:54 +01:00
yuri 13188fac03 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8' (2023-11-14)
  → 'github:NixOS/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/3298a053090d4bc6a7315588f786b6c96114970f' (2023-11-14)
  → 'github:NixOS/nixpkgs/9008bc4eb62c878d0812105ea1b34255d651df88' (2023-11-15)
 2023-11-16 20:24:10 +01:00
yuri ada2072ed3 Update element-web to 1.11.49 2023-11-15 12:31:47 +01:00
yuri 06aa5ffc97 Update mastodon to 4.1.10 2023-11-15 12:31:28 +01:00
yuri 3c9eb64539 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/1d55765508b8316798429875712dc1ef5e62a2fa' (2023-11-10)
  → 'github:NixOS/nixpkgs/d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8' (2023-11-14)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/714e527a726c9613fca8e13586a1b19198d68d9b' (2023-11-10)
  → 'github:NixOS/nixpkgs/3298a053090d4bc6a7315588f786b6c96114970f' (2023-11-14)
 2023-11-15 12:19:19 +01:00
yuri 9240153c62 Add vapid public key 2023-11-15 12:18:23 +01:00
yuri cd2d708b98 Open firewall for jellyfin http port 2023-11-15 11:54:11 +01:00
yuri 85944e91c6 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/33e938c7823e47a787ad4f76003d14ff92ad96dd' (2023-11-07)
  → 'github:NixOS/nixpkgs/1d55765508b8316798429875712dc1ef5e62a2fa' (2023-11-10)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/cfbb29d76949ae53c457f152c52c173ea4bdd862' (2023-11-07)
  → 'github:NixOS/nixpkgs/714e527a726c9613fca8e13586a1b19198d68d9b' (2023-11-10)
 2023-11-11 23:33:39 +01:00
yuri 87ee366855 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/5896110a4e861bf2e675a3c3d8a171793fce2599' (2023-10-29)
  → 'github:NixOS/nixpkgs/33e938c7823e47a787ad4f76003d14ff92ad96dd' (2023-11-07)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/4e43dd49630303b00120c11d00d4fb01bb40188d' (2023-10-29)
  → 'github:NixOS/nixpkgs/cfbb29d76949ae53c457f152c52c173ea4bdd862' (2023-11-07)
 2023-11-09 23:28:59 +01:00
yuri c437f4dcb0 Update mastodon-nekoverse-patches 2023-11-09 23:10:53 +01:00
yuri fda132d798 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/21443a102b1a2f037d02e1d22e3e0ffdda2dbff9' (2023-10-21)
  → 'github:NixOS/nixpkgs/5896110a4e861bf2e675a3c3d8a171793fce2599' (2023-10-29)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/8dfad603247387df1df4826b8bea58efc5d012d8' (2023-10-22)
  → 'github:NixOS/nixpkgs/4e43dd49630303b00120c11d00d4fb01bb40188d' (2023-10-29)
 2023-11-09 23:10:53 +01:00
yuri 8604ef73bd flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/0e1cff585c1a85aeab059d3109f66134a8f76935' (2023-10-15)
  → 'github:NixOS/nixpkgs/21443a102b1a2f037d02e1d22e3e0ffdda2dbff9' (2023-10-21)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/982b24c40e743793c966b47b3bb3699881489ae0' (2023-10-15)
  → 'github:NixOS/nixpkgs/8dfad603247387df1df4826b8bea58efc5d012d8' (2023-10-22)
 2023-11-09 23:10:53 +01:00
yuri bcb8034311 Bump element-web to v1.11.47 2023-11-09 23:10:53 +01:00
yuri 6be060d42c flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/22723a1d7deab53e5c1022906089e4247a5d3e77' (2023-10-09)
  → 'github:NixOS/nixpkgs/0e1cff585c1a85aeab059d3109f66134a8f76935' (2023-10-15)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/38aa96fc39c9719994f08100f791c27d31ee7892' (2023-10-09)
  → 'github:NixOS/nixpkgs/982b24c40e743793c966b47b3bb3699881489ae0' (2023-10-15)
 2023-11-09 23:10:53 +01:00
yuri 2a77ae39bc Add searx host 2023-11-09 23:10:53 +01:00
yuri d18a4ee24b Use OpenSSH config from CCCHH nix-infra repo 2023-11-09 23:10:53 +01:00
yuri 87170d4e9e flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/8be69c1764f58e07099e4a24b926f49bbada8c7f' (2023-10-09)
  → 'github:NixOS/nixpkgs/22723a1d7deab53e5c1022906089e4247a5d3e77' (2023-10-09)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/5a9c737c587d2c34d63c5b3cb53c6ab0705bdf4f' (2023-10-09)
  → 'github:NixOS/nixpkgs/38aa96fc39c9719994f08100f791c27d31ee7892' (2023-10-09)
 2023-11-09 23:10:53 +01:00
yuri 27a6513e84 Use stable channel and use helper function for acme challenge proxy 2023-11-09 23:10:53 +01:00
yuri 9c0398a3c1 Update element-web and clean up configuration 2023-11-09 23:10:53 +01:00
yuri e2ed2de11e flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/de9b8eb55b195f318eb839351b83b3560a990169' (2023-10-07)
  → 'github:NixOS/nixpkgs/8be69c1764f58e07099e4a24b926f49bbada8c7f' (2023-10-09)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/b7a3aaae3859cd1ffd4c4fd850bf45d0304f9033' (2023-10-07)
  → 'github:NixOS/nixpkgs/5a9c737c587d2c34d63c5b3cb53c6ab0705bdf4f' (2023-10-09)
 2023-11-09 23:10:53 +01:00
yuri a8ecf3d683 Remove nextcloud.grzb.de mapping 2023-11-09 23:10:53 +01:00
yuri 6b447c40aa Migrate Mastodon to NixOS 2023-11-09 23:10:53 +01:00
yuri db63ad370d flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e49c28b3baa3a93bdadb8966dd128f9985ea0a09' (2023-10-04)
  → 'github:NixOS/nixpkgs/de9b8eb55b195f318eb839351b83b3560a990169' (2023-10-07)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/349bdd9653c42f1793d338b43aefe08883c5ebee' (2023-10-04)
  → 'github:NixOS/nixpkgs/b7a3aaae3859cd1ffd4c4fd850bf45d0304f9033' (2023-10-07)
 2023-11-09 23:10:53 +01:00
yuri c20c0e5a85 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
  → 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/ce210c81d3677233bedc9b70c70ab6d3e7f828f8' (2023-09-29)
  → 'github:NixOS/nixpkgs/e49c28b3baa3a93bdadb8966dd128f9985ea0a09' (2023-10-04)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/cdd726e1deb44c031ee8975528d6b283ed8cf021' (2023-09-29)
  → 'github:NixOS/nixpkgs/349bdd9653c42f1793d338b43aefe08883c5ebee' (2023-10-04)
 2023-11-09 23:10:53 +01:00
yuri 67c5a733ab Increase worker_connections and set worker_processes to auto 2023-11-09 23:10:53 +01:00
yuri f0368c9a61 Set locations priority for matrix reverse proxy 2023-11-09 23:10:53 +01:00
yuri 8bb1c5853b Enable sliding-sync for matrix-synapse 2023-11-09 23:10:53 +01:00
yuri 9ac8327798 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
  → 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/53d337b63c8f9d7e0f8709cae0008a9655bee33e' (2023-09-19)
  → 'github:NixOS/nixpkgs/ef8e9997fcb37d5c8372dc1349185bd0d31752a6' (2023-10-05)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/089313d7c7c864b21648d78fb8700062dafab1f2' (2023-09-18)
  → 'github:NixOS/nixpkgs/e462c9172c685f0839baaa54bb5b49276a23dab7' (2023-10-06)
 2023-11-09 23:10:53 +01:00
yuri 05883ca9a6 Also listen on "::1" 2023-11-09 23:10:53 +01:00
yuri 5813640e73 Enable dehydrated device feature for element-web client 2023-11-09 23:10:53 +01:00
yuri ffa09f900b Change Content-Security-Policy "frame-ancestors" from "none" to "self" 
Fixes downloads in element-web
 2023-11-09 23:10:53 +01:00
yuri 131fc871b7 Set real IP from local proxy 2023-11-09 23:10:52 +01:00
yuri ce5e907ed8 Setup paperless host and reverse proxy for acme http challange 2023-11-09 23:10:52 +01:00
yuri 4c918ad074 Set resolv.conf file manually for uptime-kuma container due to a bug 2023-11-09 23:10:52 +01:00
yuri eba7c018ed Use only snake case for element-web config since camel case is deprecated 2023-11-09 23:10:52 +01:00
yuri 21c0b67ac2 Configure TLS settings on mail relay 2023-11-09 23:10:52 +01:00
yuri eb84404a10 Enable TLS on mail relay 2023-11-09 23:10:52 +01:00
yuri cae1284094 Forward port 80 to mail servers for the http acme challange 2023-11-09 23:10:52 +01:00
yuri 6c6cfb6da8 Use snat rule instead if masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
yuri 74d5abdfe2 Use a less generic nftables table name 2023-11-09 23:10:52 +01:00
yuri cd938d5020 Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
yuri f9971c842e Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
yuri 3723b4edf2 Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
yuri e0d1e17bbb Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00